package com.adobe.cq.social.journal.trackback;

import com.adobe.cq.mcm.salesforce.SalesforceClient;
import com.adobe.cq.social.journal.JournalEntry;
import com.adobe.cq.social.journal.JournalException;
import com.day.cq.search.Predicate;
import com.day.cq.xss.XSSProtectionException;
import com.day.cq.xss.XSSProtectionService;
import com.day.text.Text;
import java.io.IOException;
import javax.jcr.RepositoryException;
import javax.jcr.Session;
import javax.servlet.Servlet;
import org.apache.felix.scr.annotations.Component;
import org.apache.felix.scr.annotations.Properties;
import org.apache.felix.scr.annotations.Property;
import org.apache.felix.scr.annotations.Reference;
import org.apache.felix.scr.annotations.Service;
import org.apache.sling.api.SlingHttpServletRequest;
import org.apache.sling.api.SlingHttpServletResponse;
import org.apache.sling.api.servlets.SlingAllMethodsServlet;
import org.apache.sling.jcr.api.SlingRepository;
import org.apache.sling.jcr.resource.JcrResourceResolverFactory;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Service({Servlet.class})
@Component(metatype = false)
@Properties({@Property(name = "service.description", value = {"Trackback Servlet"}), @Property(name = "sling.servlet.resourceTypes", value = {"cq/Page"}), @Property(name = "sling.servlet.methods", value = {"POST"}), @Property(name = "sling.servlet.selectors", value = {"trackback"}), @Property(name = "reverseReplicate", boolValue = {true})})
/* loaded from: input_file:com/adobe/cq/social/journal/trackback/TrackbackServlet.class */
public class TrackbackServlet extends SlingAllMethodsServlet {
    private static final long serialVersionUID = 1;

    @Reference
    private XSSProtectionService xssProtectionService;

    @Reference
    protected JcrResourceResolverFactory jcrResourceResolverFactory;

    @Reference
    protected SlingRepository repository;
    static final String PROPERTY_REVERSE_REPLICATE = "reverseReplicate";
    static final boolean DEFAULT_REVERSE_REPLICATE = true;
    private boolean reverseReplicate;
    private final Logger log = LoggerFactory.getLogger(getClass());

    @Override // org.apache.sling.api.servlets.SlingAllMethodsServlet
    protected void doPost(SlingHttpServletRequest slingHttpServletRequest, SlingHttpServletResponse slingHttpServletResponse) throws IOException {
        Session session = null;
        slingHttpServletResponse.setContentType("text/xml");
        if (!slingHttpServletRequest.getContentType().equalsIgnoreCase(SalesforceClient.APPLICATION_FORMURL_ENCODED)) {
            slingHttpServletResponse.getOutputStream().print(error("content type must be application/x-www-form-urlencoded but is " + slingHttpServletRequest.getContentType()));
            slingHttpServletResponse.getOutputStream().flush();
            return;
        }
        try {
            if (slingHttpServletRequest.getParameter("url") == null) {
                slingHttpServletResponse.getOutputStream().print(error("client must send a url"));
                slingHttpServletResponse.getOutputStream().flush();
                return;
            }
            try {
                try {
                    session = this.repository.loginAdministrative(null);
                    createTrackbackNode(session, slingHttpServletRequest);
                    slingHttpServletResponse.getOutputStream().print(success());
                    slingHttpServletResponse.getOutputStream().flush();
                    if (session != null && session.isLive()) {
                        session.logout();
                        session = null;
                    }
                } catch (JournalException e) {
                    slingHttpServletResponse.getOutputStream().print(error("unspecified error"));
                    this.log.error(e.getMessage());
                    slingHttpServletResponse.getOutputStream().flush();
                    if (session != null && session.isLive()) {
                        session.logout();
                        session = null;
                    }
                }
            } catch (RepositoryException e2) {
                slingHttpServletResponse.getOutputStream().print(error("RepositoryException error"));
                this.log.error(e2.getMessage());
                if (session != null && session.isLive()) {
                    session.logout();
                    session = null;
                }
            } catch (XSSProtectionException e3) {
                slingHttpServletResponse.getOutputStream().print(error("xssprotection error"));
                this.log.error(e3.getMessage());
                if (session != null && session.isLive()) {
                    session.logout();
                    session = null;
                }
            }
        } catch (Throwable th) {
            if (session != null && session.isLive()) {
                session.logout();
            }
            throw th;
        }
    }

    private void createTrackbackNode(Session session, SlingHttpServletRequest slingHttpServletRequest) throws JournalException, XSSProtectionException {
        JournalEntry journalEntry = (JournalEntry) this.jcrResourceResolverFactory.getResourceResolver(session).getResource(slingHttpServletRequest.getResource().getPath()).adaptTo(JournalEntry.class);
        if (hasPermission((Session) slingHttpServletRequest.getResourceResolver().adaptTo(Session.class), Text.getAbsoluteParent("/content/usergenerated", 1))) {
            journalEntry.addTrackback(slingHttpServletRequest.getParameter("title") != null ? slingHttpServletRequest.getParameter("title") : "", slingHttpServletRequest.getParameter(Predicate.PARAM_EXCERPT) != null ? slingHttpServletRequest.getParameter(Predicate.PARAM_EXCERPT) : "", slingHttpServletRequest.getParameter("url") != null ? slingHttpServletRequest.getParameter("url") : "", slingHttpServletRequest.getParameter("journal_name") != null ? slingHttpServletRequest.getParameter("journal_name") : "", slingHttpServletRequest.getRemoteAddr());
            journalEntry.save();
        }
    }

    private String success() {
        return "<?xml version=\"1.0\" encoding=\"utf-8\"?><response><error>0</error></response>";
    }

    private String error(String str) {
        return "<?xml version=\"1.0\" encoding=\"utf-8\"?><response><error>1</error><message>" + str + "</message></response>";
    }

    protected boolean hasPermission(Session session, String str) {
        if (session == null) {
            this.log.error("session must not be null");
            return false;
        }
        try {
            this.log.debug("check if user '" + session.getUserID() + "' is allowed to add nodes under " + str);
            session.checkPermission(str + "/_add_node_" + System.currentTimeMillis(), "add_node");
            return true;
        } catch (Exception e) {
            this.log.error("user '" + session.getUserID() + "' not allowed to add nodes under " + str, e);
            return false;
        }
    }

    protected void bindXssProtectionService(XSSProtectionService xSSProtectionService) {
        this.xssProtectionService = xSSProtectionService;
    }

    protected void unbindXssProtectionService(XSSProtectionService xSSProtectionService) {
        if (this.xssProtectionService == xSSProtectionService) {
            this.xssProtectionService = null;
        }
    }

    protected void bindJcrResourceResolverFactory(JcrResourceResolverFactory jcrResourceResolverFactory) {
        this.jcrResourceResolverFactory = jcrResourceResolverFactory;
    }

    protected void unbindJcrResourceResolverFactory(JcrResourceResolverFactory jcrResourceResolverFactory) {
        if (this.jcrResourceResolverFactory == jcrResourceResolverFactory) {
            this.jcrResourceResolverFactory = null;
        }
    }

    protected void bindRepository(SlingRepository slingRepository) {
        this.repository = slingRepository;
    }

    protected void unbindRepository(SlingRepository slingRepository) {
        if (this.repository == slingRepository) {
            this.repository = null;
        }
    }
}
